Security Analysis of Cache Replacement Policies
Pablo Ca\~nones, Boris K\"opf, Jan Reineke

TL;DR
This paper introduces a new model to quantify and analyze security properties of shared CPU caches, focusing on information absorption and extraction, and compares different cache replacement policies for their security implications.
Contribution
It presents a novel framework for systematically assessing cache security, including algorithms to improve static analysis bounds and compare policies like FIFO, LRU, and PLRU.
Findings
The model quantifies information absorption and extraction in caches.
Comparison of FIFO, LRU, and PLRU policies reveals their security differences.
An algorithm improves static cache analysis bounds.
Abstract
Modern computer architectures share physical resources between different programs in order to increase area-, energy-, and cost-efficiency. Unfortunately, sharing often gives rise to side channels that can be exploited for extracting or transmitting sensitive information. We currently lack techniques for systematic reasoning about this interplay between security and efficiency. In particular, there is no established way for quantifying security properties of shared caches. In this paper, we propose a novel model that enables us to characterize important security properties of caches. Our model encompasses two aspects: (1) The amount of information that can be absorbed by a cache, and (2) the amount of information that can effectively be extracted from the cache by an adversary. We use our model to compute both quantities for common cache replacement policies (FIFO, LRU, and PLRU) and…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Cloud Data Security Solutions · Parallel Computing and Optimization Techniques
